SO YOU WANT TO BE IN CYBER SECURITY? A boy comes to me with a spark of interest, I feed that spark and it becomes a flame, I feed the flame and it becomes a fire, I fed the fire and it becomes a roaring blaze. ~Cus D Amato
//CYBER SECURITY The interconnection and reliance of physical lifeline functions over the Internet (cyberspace) that impacts our: National Security Public Health and Safety Economic well-being 2
WHY CYBER SECURITY IS A GOOD FIELD The cyber security industry is booming 0% unemployment rate for qualified cyber security professionals ~Phil Agcaoili Information security jobs are expected to grow by 53% through 2018 Bureau of Labor Statistics Average annual salary is $116,000 a year for a cyber security worker Semper Secure survey 25% of all organizations claim to have a problematic shortage of information security skills Network World, 2014 Among the most sought-after professionals in the tech sector, with demand for workers in cyber security field outpacing other IT jobs by a wide margin. CIO Magazine 2014 Demand for cybersecurity profs has grown more than 3.5x faster than the demand for other IT jobs over the past 5 years and more than 12x faster than the demand for all other non-it jobs. Current staffing shortages are estimated between 20,000 and 40,000 and are expected to continue for years to come. Burning Glass International Critical need to fill 50,000 cyber security jobs in the near future in the federal government and private industry Washington Post 2012 3
CYBER SECURITY CAREER OPTIONS Board of Directors CEO Corporate Governance Leader CFO COO GC Internal Audit Leader Operations Leader CSO Audit Management Risk Management Compliance Management Auditor Governance Analyst Risk Analyst Compliance Analyst IT Roles Network Administrator System Administrator Network Management Database Administrator Developer and QA CIO CISO Physical Security Management Information Security Management Risk Management Fraud Management Program Management Project Management Officer Investigator Loss Prevention Fraud Analyst Security Strategist/Principle Security Architect Security Engineer Security Analyst Security Administrator Specialty Roles Security Assurance Penetration Tester eforensics and Litigation Support Threat Intelligence Application Security Security Software Developer Identity Management Cryptographer Founder Security is a field of Service, Ethics, and Integrity CTO Product Leader Service Leader Product Management Services Management Technologist Strategist Analyst Managing Consultant Consultant 4
*TOP 10 CYBER SECURITY JOB TITLES Security Engineer Security Analyst Information Security Analyst Information Security Engineer Network Security Engineer Information Technology Security Analyst Information Security Manager Information Assurance Engineer Senior IT Auditor Security Administrator *UMUC.edu study 5
*IN-DEMAND SKILLS FOR CYBER SECURITY JOBS Employers are seeking to hire employees with proficiency in: Firewalls Network Security LINUX UNIX CISA Cryptography Cisco Transmission Control Protocol/Internet Protocol (TCP/IP) System and Network Configuration Scanners 4 out of 5 Cyber Security Jobs Require a Degree Burning Glass International 2013 *UMUC.edu study 6
*TOP 5 REGIONS FOR CYBER SECURITY JOBS Palo Alto, California San Francisco, California Baltimore, Maryland Boston, Massachusetts Denver, Colorado Metropolitan areas *UMUC.edu study 7
Information Security Certifications 8
HOW I GOT HERE Our bravest and best lessons are not learned through success, but through misadventure. ~Amos Bronson Alcott I have no special talent. I am only passionately curious. ~Albert Einstein 9
HOW DO I GET STARTED? Experience. Experience. Experience. Systems administrator Network administrator Database administrator Software development Quality Assurance Project management Audit Penetration testing Ask Gain experience. 10
Hope is not a plan. 11
Typical Career Trajectory Excel in high school science Major in science in college and excel Go to grad school because that s what excellent students do Hang on for six years or more, get PhD Do a postdoc Hit the wall Scramble to find any job you can Hope to someday be happy versus Mythical Career Trajectory Excel in high school science Major in science in college and excel Go to grad school, get Ph.D. in 4 years Do a postdoc for 2 years Publish 5-7 papers Decide which tenuretrack offer to accept at age 28 Rise through the faculty ranks, tenure by 38 12
TYPICAL CAREER TRAJECTORY Cyber security has been like this for me and many others. 13
BETTER CAREER TRAJECTORY Excel in school, maybe get a Ph.D. and then start a postdoc because it furthers your career Explore a variety of career options Decide what fits your personality best Set goals and work hard Find a job that is challenging, rewarding and satisfying to YOU 14
SOME THOUGHTS ON WHAT DRIVES US Autonomy Mastery Purpose Independence Purpose - Service Happiness Thanks, Mom and Dad! 15
16
WHY PLAN YOUR CAREER? You are responsible for your own career. Jobs are not permanent. Increase your chances of job satisfaction. 17
WHY IS CAREER PLANNING HARD? No sense of urgency Leads to difficult life questions Sets goals and increases stress Uncovers unexamined career assumptions 18
TWO HABITS OF HIGHLY EFFECTIVE CAREER PLANNING Begin With the End in Mind If you can t see yourself as successful, you have already failed. Where do you want to be 1, 3, 5, and 10 years from now? What experiences do you want? Put First Things First You can t do everything, prioritize your goals. Begin where you are right now. Consider assignments or projects that you would like, as well as jobs or positions. Include opportunities where you can contribute and learn. An essential aspect of creativity is not being afraid to fail. ~Edwin Land, Founder of Polaroid 19
CLOSING THOUGHTS Your time is limited, so don't waste it living someone else's life. Don't be trapped by dogma - which is living with the results of other people's thinking. Don't let the noise of others' opinions drown out your own inner voice. And most important, have the courage to follow your heart and intuition. Steve Jobs 20
Phil Agcaoili Thanks Contributor, NIST Cybersecurity Framework version 1 Co-Founder & Board Member, Southern CISO Security Council Distinguished Fellow and Fellows Chairman, Ponemon Institute Founding Member, Cloud Security Alliance (CSA) Inventor & Co-Author, CSA Cloud Controls Matrix, GRC Stack, Security, Trust and Assurance Registry (STAR), and CSA Open Certification Framework (OCF) @hacksec https://www.linkedin.com/in/phila 21